[Cryptography] New White Paper: GhostLine - Information-Theoretically Secure Multi-Party Chat

[Ferecides de Siros]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi Ron,

The key distribution mechanism is explicitly addressed in section 3.1 of the paper. 
While OTP has limitations, it remains the only encryption scheme providing information-theoretic 
security - which is why it's studied in academic contexts despite practical challenges.

Regarding pseudonymity: unlike Satoshi, I'm not attempting to create a decentralized currency but 
rather exploring the theoretical limits of secure communication. The mathematical proofs should 
stand independent of author identity.

That said, to address your concerns about consistent authorship, I will henceforth cryptographically 
sign my messages using the PGP key associated with "Hitokiri Battosai." You can verify all future 
signed messages against the public key available in my repository and website.

This should provide the cryptographic consistency you requested, allowing us to focus on the technical 
merits of the work rather than authorship discussions.

Best,
Hitokiri
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEOPhOn65N+XbUXMpWZ3IkUdCGxpUFAmi+DfUACgkQZ3IkUdCG
xpVs3Q/9EqB15yx3bumUJzXtcHPgwXDBzufUUtHXxxwNIH7zfd2auAPmGB9N0WGt
h2wACzEseKZdiLi+p5JEyEPggOhefYD9flgqj75vQR0vDVQD7/oH39HDSVHB8ost
ElSSmO3lq7ZN5qTuqqxXdzZ3VCeVDRVpKbPM4280zh8nDYwbTa5jG21bb195tiGV
h88KHJVwWJvMFY8gif4lgjp4gbSz57hvi/B4A3NVwOiTDHfVXWLcNjXFv8MaGs2/
5H533HNDG46shD+43yaI9EN67dXzu0m1ZFmz4xW1Gvj7Ym/heVfpWxEjWqpRoMaw
NV//vGp6vM3du3M9NHhd7DE/ybNwHXvRinvYbWL7yHtOhNUjPue1KzNNVPfsZ+Bb
JQSu7OstAYDDYh6PSDGt6CZc4fUpAvgcbtmOt5RC5FSMK7Gu2WEiHSfiwq6/XjvR
xa2pFzROXdgow/LKOuK5C+LC/jk8XZOUgzTCJuxWED71lYKkTPxF4niqvQ4foNnT
twLivpuBWo5C7T4o/P8XkyB8hj9toqQDTmkfkCq0VMq7n+CqeLjnuaLZPBWPVUW+
Sjl2V68xaP/eOc3zTB5QikgcUq36MCjIPGYb2drIz5xhPPvT+TT3rwxfx+4mOMLJ
3vG7M5e+OZsPwXR5MN4GY28YC30u/K+S3KX1KmvbgaP2Ol1hHA8=
=Thz/
-----END PGP SIGNATURE-----





Sent with Proton Mail secure email.

On Sunday, September 7th, 2025 at 16:09, Ron Garret <ron at flownet.com> wrote:

> > On Sep 7, 2025, at 9:57 AM, Andrew Lee andrew at joseon.com wrote:
> > 
> > On Sep 6, 2025, at 7:49 AM, Ron Garret ron at flownet.com wrote:
> > 
> > > I looked at this paper so you don't have to. The paper appears superficially plausible, but the general heuristic that any mention of a one-time-pad is a strong indicator of crackpottery applies here. AFAICT on a cursory reading, the paper isn't wrong, it just leaves out one teensy little detail: key exchange. There is a reason that OTP is never used in practice despite being information-theoretically secure.
> > 
> > Criticality is always valuable, but we should also keep the door open to unconventional ideas, even if something appears impractical. If someone is misguided, it’s great to opine and share, as you have, but let’s not dismiss or gatekeep. While this may not fit with any of your uses cases, said cases exist. With proper engagement, who knows what could be created or verified therefrom.
> 
> 
> Sure. But there are certain things that are just a waste of time, like creationism, flat-eartherism, lunar-landing denialism, and perpetual motion machines. One-time pads fall into this category, for a very simple reason: if you had a secure way to distribute an OTP you could use that same mechanism to securely distribute a message and you would not need the OTP. (This is not quite true. There is one use case for an OTP, which is that you have a secure way to distribute it at one time, and you want to send a secure message using that OTP at a later time. But this is an extremely rare circumstance, and it never applies to the stated use case for Ghostline.)
> 
> So this is not arbitrary dismissal of an idea for superficial reasons, this is pointing out that the idea being advanced is not new, but rather one that is proposed by crackpots on the regular, and that there is a well-known and sound reason for dismissing it out of hand.
> 
> > > There are additional clues: the "From" header lists the senders name as "Ferecides de Siros" [1] but the message body and the paper both say that the author's name is "Hitokiri Battosai" [2], and the "about me" page on the web site listed in the contact information in the paper says "I'm Aristoh4ck8r, the enigmatic force behind the curtain."
> > 
> > This is ad hominem and unnecessary. Not sure why someone’s government-name must be used versus using a pseudonym. "Privacy is the power to selectively reveal oneself to the world” — Eric Hughes, A Cypherpunk’s Manifesto.
> 
> 
> Because anonymity/pseudonymity is a good first-order filter for crackpottery. Satoshi was an extreme anomaly, and he did two things to provide evidence that he was not a crackpot. First, he cryptographically signed all of his messages. His identity was thus bound not to a government name but to a cryptographic key. Nonetheless, it was bound. We can know that all of the messages signed with Satoshi's key were (almost certainly) authored by a single entity (and given the state of AI at the time, that that entity was almost certainly a human.) There is absolutely no way to know whether two messages allegedly written by Ferecides de Siros, or Hitokiri Battosai, or Aristoh4ck8r, or whatever label you want to attach to this person (if s/he even is a person and not an AI) were actually authored by the same entity. This entity is not even bound to a single pseudonym!
> 
> Also, it ultimately didn't really matter whether Satoshi concealed his/her identity because the ideas s/he presented actually worked and didn't have any big missing pieces. That cannot be said for Ghostline, which, because it is based on an OTP, is the cryptographic equivalent of a perpetual motion machine.
> 
> rg
> 
> _______________________________________________
> The cryptography mailing list
> cryptography at metzdowd.com
> https://www.metzdowd.com/mailman/listinfo/cryptography